YannickHelmut
Reputation: 555
Only accept 1 domain at authenticiation
I would like to limit the google authentification to email adresses from 1 domain name.
Example: only people from mydomain.com can log in. If your email address does not come from that address, you should get an error.
Has someone tried that already ?
Upvotes: 0
Views: 366
Answers (1)
bojeil
Reputation: 30798
If you are using signInWithPopup/Redirect to sign in users with Firebase you can use google OAuth 'hd' custom parameter. Firebase auth javascript API now supports that:
var provider = new firbease.auth.GoogleAuthProvider();
provider.setCustomParameters({
'hd': 'mydomain.com'
});
firebase.auth().signInWithRedirect(provider);
However, users still have the ability to bypass that in Google sign in. You can also double check on sign in completion the domain and firebase.auth().currentUser.delete() if the domain doesn't match and show the relevant error.
Upvotes: 4
Related Questions
- How to restrict email domains in Firebase Authentication
- Firebase Email Link Authentication - Restrict To Certain Domain(s)?
- Firebase Auth/unauthorized domain. But the domain is already set
- Firebase Authentication: auth/auth-domain-config-required
- Firebase WebApp with Google SignIn only with specific domains and specific users
- Restrict Firebase authentication to a certain domain
- How do I restrict user sign ups to only certain domains in Firebase?
- Custom authDomain in Firebase
- Firebase Auth Couldn't Verify Domain
- Angularfire2 multiple authentication options